Entries Tagged "bombs"

Page 16 of 22

Least Risk Bomb Location

This fascinating tidbit is from Aviation Week and Space Technology (April 9, 2007, p. 21), in David Bond’s “Washington Outlook” column (unfortunately, not online).

Need to Know

Security and society’s litigious bent combine to make airlines unsuited for figuring out the best place to put a suspected explosive device discovered during a flight, AirTran Airways tells the FAA (Federal Aviation Administration). Commenting on a proposed rule that would require, among other things, designation of a “least risk bomb location” (LRBL)—the place on an aircraft where a bomb would do the least damage if it exploded—AirTran engineering director Rick Shideler says it’s hard for airlines to get aircraft design information related to such a location because of agreements between manufacturers and the Homeland Security Department. The carrier got LRBL information for its 717s and 737s from Boeing but can’t find out why the locations were chosen, “or even who specifically picked them,” because of liability laws.

I’d never heard of an LRBL before, but the FAA has public proposed guidelines on them. Apparently flight crews are trained to stash suspicious objects there.

But liability seems to be getting in the way of security and common sense here. It seems reasonable that an airline’s engineering director should be allowed to understand the technical reasoning behind the choice of LRBL, and maybe even give the manufacturer feedback on it.

EDITED TO ADD (4/21): Comment (below) from a pilot: The designation of a “least risk bomb location” is nothing new. All planes have a designated area where potentially dangerous packages should be placed. Usually it’s in the back, adjacent to a door. There are a slew of procedures to be followed if an explosive device is found on board: depressurizing the plane, moving the item to the LRBL, and bracing/smothering it with luggage and other dense materials so that the force of the blast is directed outward, through the door.

Posted on April 20, 2007 at 1:39 PMView Comments

Arresting Children

A disturbing trend.

These are not the sorts of matters the police should be getting involved in. The police aren’t trained to handle children this age, and children this age don’t benefit by being fingerprinted and thrown in jail.

EDITED TO ADD (4/18): Another example:

Unfortunately, the school forgot that the clocks had switched to Daylight Saving Time that morning. The time stamps left on the hotline were adjusted by an hour after Day Light Savings causing Webb’s call to logged as the same time the bomb threat was placed. Webb, who’s never even had a detention in his life, had actually made his call an hour before the bomb threat was placed.

Despite the fact that the recording of the call featured a voice that sounded nothing like Webb’s, the police arrested Webb and he spent 12 days in a juvenile detention facility before the school eventually realised their mistake.

Posted on April 18, 2007 at 12:02 PMView Comments

Another Boston Terrorism Overreaction

Are these people trying to be stupid?

Sofia Loginova, 17, a Quincy High senior, said she didn’t hire anyone to hang four backpacks emblazoned with her Web site’s name, www.B4Class.com, and filled with newspapers and some dollar bills, from tree limbs and on a fence near the school. The unexplained backpacks sparked a panic.

The State Police Bomb Squad brought in a mechanical robot and a bomb-sniffing dog to investigate, immediately bringing to mind the Cartoon Network marketing ploy that shut down parts of Boston for hours earlier this year.

Terrorism used to be hard. Now all you have to is hang backpacks from trees near schools.

Refuse to be terrorized, people!

Posted on April 17, 2007 at 7:23 AMView Comments

Copycats

It’s called “splash-and-grab,” and it’s a new way to rob convenience stores. Two guys walk into a store, and one comes up to the counter with a cup of hot coffee or cocoa. He pays for it, and when the clerk opens the cash drawer, he throws the coffee in the clerk’s face. The other one grabs the cash drawer, and they both run.

Crimes never change, but tactics do. This tactic is new; someone just invented it. But now that it’s in the news, copycats are repeating the trick. There have been at least 19 such robberies in Delaware, Pennsylvania and New Jersey. (Some arrests have been made since then.)

Here’s another example: On Nov. 24, 1971, someone with the alias Dan Cooper invented a new way to hijack an aircraft. Claiming he had a bomb, he forced a plane to land and then exchanged the passengers and flight attendants for $200,000 and four parachutes. (I leave it as an exercise for the reader to explain why asking for more than one parachute is critical to the plan’s success.) Taking off again, he told the pilots to fly to 10,000 feet. He then lowered the plane’s back stairs and parachuted away. He was never caught, and the FBI still doesn’t know who he is or whether he survived.

After this story hit the press, there was an epidemic of copycat attacks. In 31 hijackings the following year, half of the hijackers demanded parachutes. It got so bad that the FAA required Boeing to install a special latch—the Cooper Vane—on the back staircases of its 727s so they couldn’t be lowered in the air.

The internet is filled with copycats. Green-card lawyers invented spam; now everyone does it. Other people invented phishing, pharming, spear phishing. The virus, the worm, the Trojan: It’s hard to believe that these ubiquitous internet attack tactics were, until comparatively recently, tactics that no one had thought of.

Most attackers are copycats. They aren’t clever enough to invent a new way to rob a convenience store, use the web to steal money, or hijack an airplane. They try the same attacks again and again, or read about a new attack in the newspaper and decide they can try it, too.

In combating threats, it makes sense to focus on copycats when there is a population of people already willing to commit the crime, who will migrate to a new tactic once it has been demonstrated to be successful. In instances where there aren’t many attacks or attackers, and they’re smarter—al-Qaida-style terrorism comes to mind—focusing on copycats is less effective because the bad guys will respond by modifying their attacks accordingly.

Compare that to suicide bombings in Israel, which are mostly copycat attacks. The authorities basically know what a suicide bombing looks like, and do a pretty good job defending against the particular tactics they tend to see again and again. It’s still an arms race, but there is a lot of security gained by defending against copycats.

But even so, it’s important to understand which aspect of the crime will be adopted by copycats. Splash-and-grab crimes have nothing to do with convenience stores; copycats can target any store where hot coffee is easily available and there is only one clerk on duty. And the tactic doesn’t necessarily need coffee; one copycat used bleach. The new idea is to throw something painful and damaging in a clerk’s face, grab the valuables and run.

Similarly, when a suicide bomber blows up a restaurant in Israel, the authorities don’t automatically assume the copycats will attack other restaurants. They focus on the particulars of the bomb, the triggering mechanism and the way the bomber arrived at his target. Those are the tactics that copycats will repeat. The next target may be a theater or a hotel or any other crowded location.

The lesson for counterterrorism in America: Stay flexible. We’re not threatened by a bunch of copycats, so we’re best off expending effort on security measures that will work regardless of the tactics or the targets: intelligence, investigation and emergency response. By focusing too much on specifics—what the terrorists did last time—we’re wasting valuable resources that could be used to keep us safer.

This essay originally appeared on Wired.com.

Posted on March 8, 2007 at 3:23 PMView Comments

Is Everything a Bomb These Days?

In New Mexico, a bomb squad blew up two CD players, duct-taped to the bottoms of church pews, that played pornographic messages during Mass. This is a pretty funny high school prank and I hope the kids that did it get suitably punished. But they’re not terrorists. And I have a hard time believing that the police actually thought CD players were bombs.

Meanwhile, Irish police blew up a tape dispenser left outside a police station.

And not to be outdone, the Dutch police mistook one of their own transmitters for a bomb. At least they didn’t blow anything up.

Okay, everyone. We need some ideas, here. If we’re going to think everything weird is a bomb, then the false alarms are going to kill any hope of security.

EDITED TO ADD (3/3): If you’re having trouble identifying bombs, this quiz should help. And here’s a relevant cartoon.

Posted on February 23, 2007 at 12:38 PMView Comments

CYA Security

Since 9/11, we’ve spent hundreds of billions of dollars defending ourselves from terrorist attacks. Stories about the ineffectiveness of many of these security measures are common, but less so are discussions of why they are so ineffective. In short: much of our country’s counterterrorism security spending is not designed to protect us from the terrorists, but instead to protect our public officials from criticism when another attack occurs.

Boston, January 31: As part of a guerilla marketing campaign, a series of amateur-looking blinking signs depicting characters in the Aqua Teen Hunger Force, a show on the Cartoon Network, were placed on bridges, near a medical center, underneath an interstate highway, and in other crowded public places.

Police mistook these signs for bombs and shut down parts of the city, eventually spending over $1M sorting it out. Authorities blasted the stunt as a terrorist hoax, while others ridiculed the Boston authorities for overreacting. Almost no one looked beyond the finger pointing and jeering to discuss exactly why the Boston authorities overreacted so badly. They overreacted because the signs were weird.

If someone left a backpack full of explosives in a crowded movie theater, or detonated a truck bomb in the middle of a tunnel, no one would demand to know why the police hadn’t noticed it beforehand. But if a weird device with blinking lights and wires turned out to be a bomb—what every movie bomb looks like—there would be inquiries and demands for resignations. It took the police two weeks to notice the Mooninite blinkies, but once they did, they overreacted because their jobs were at stake.

This is “Cover Your Ass” security, and unfortunately it’s very common.

Airplane security seems to forever be looking backwards. Pre-9/11, it was bombs, guns, and knives. Then it was small blades and box cutters. Richard Reid tried to blow up a plane, and suddenly we all have to take off our shoes. And after last summer’s liquid plot, we’re stuck with a series of nonsensical bans on liquids and gels.

Once you think about this in terms of CYA, it starts to make sense. The TSA wants to be sure that if there’s another airplane terrorist attack, it’s not held responsible for letting it slip through. One year ago, no one could blame the TSA for not detecting liquids. But since everything seems obvious in hindsight, it’s basic job preservation to defend against what the terrorists tried last time.

We saw this kind of CYA security when Boston and New York randomly checked bags on the subways after the London bombing, or when buildings started sprouting concrete barriers after the Oklahoma City bombing. We also see it in ineffective attempts to detect nuclear bombs; authorities employ CYA security against the media-driven threat so they can say “we tried.”

At the same time, we’re ignoring threat possibilities that don’t make the news as much—against chemical plants, for example. But if there were ever an attack, that would change quickly.

CYA also explains the TSA’s inability to take anyone off the no-fly list, no matter how innocent. No one is willing to risk his career on removing someone from the no-fly list who might—no matter how remote the possibility—turn out to be the next terrorist mastermind.

Another form of CYA security is the overly specific countermeasures we see during big events like the Olympics and the Oscars, or in protecting small towns. In all those cases, those in charge of the specific security don’t dare return the money with a message “use this for more effective general countermeasures.” If they were wrong and something happened, they’d lose their jobs.

And finally, we’re seeing CYA security on the national level, from our politicians. We might be better off as a nation funding intelligence gathering and Arabic translators, but it’s a better re-election strategy to fund something visible but ineffective, like a national ID card or a wall between the U.S. and Mexico.

Securing our nation from threats that are weird, threats that either happened before or captured the media’s imagination, and overly specific threats are all examples of CYA security. It happens not because the authorities involved—the Boston police, the TSA, and so on—are not competent, or not doing their job. It happens because there isn’t sufficient national oversight, planning, and coordination.

People and organizations respond to incentives. We can’t expect the Boston police, the TSA, the guy who runs security for the Oscars, or local public officials to balance their own security needs against the security of the nation. They’re all going to respond to the particular incentives imposed from above. What we need is a coherent antiterrorism policy at the national level: one based on real threat assessments, instead of fear-mongering, re-election strategies, or pork-barrel politics.

Sadly, though, there might not be a solution. All the money is in fear-mongering, re-election strategies, and pork-barrel politics. And, like so many things, security follows the money.

This essay originally appeared on Wired.com.

EDITED TO ADD (2/23): Interesting commentary, and a Slashdot thread.

Posted on February 22, 2007 at 5:52 AMView Comments

Recognizing a Suicide Bomber

Fascinating story of an Israeli taxi driver who picked up a suicide bomber. What’s interesting to me is how the driver comes to realize his passenger is a suicide bomber. It wasn’t anything that comes up on a profile, but a feeling that something is wrong:

Mr Woltinsky said he realised straight away that something was not quite right.

“When he got into my car, I had a bad feeling because he did not behave normally—his eyes, his nerves—and the fact he was wearing a big red jacket even though it was hot.

“I asked him where he wanted to go but he didn’t say anything, just waved his hand.

“When I asked him again, he said only one word, “Haifa”, in an Arab accent. Haifa is hundreds of kilometres away, so now I was almost 100% sure he was a suicide bomber.”

In other words, his passanger was acting hinky.

EDITED TO ADD (2/1): The Israeli was not a taxi driver. Apologies.

Posted on February 1, 2007 at 6:26 AMView Comments

1 14 15 16 17 18 22

Sidebar photo of Bruce Schneier by Joe MacInnis.